crash on diff of large PE files #1

Open
togacure opened this issue May 8, 2015 · 0 comments
togacure commented May 8, 2015

Windows 7 x64 Home
IDA 6.5 with idasdk
patchdiff2 checked out from the master branch and built with VS 2013 Express

all defaults

Performing a diff of large PE files with pdb symbols, such as mshtml.dll (>10M in size), crashes with an IDA dump file of size 0.
If I attach the VS debugger to the running IDA exe before the crash, I see the following stack trace:

    dbghelp.dll!Win32LiveSystemProvider::TibGetThreadTebInfo(void *,unsigned __int64,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *)    
    dbghelp.dll!NtWin32LiveSystemProvider::GetThreadTebInfo(void *,void *,unsigned __int64 *,unsigned long *,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *,unsigned __int64 *)
    dbghelp.dll!GenAllocateThreadObject(struct _MINIDUMP_STATE *,struct _INTERNAL_PROCESS *,unsigned long,unsigned long,struct _INTERNAL_THREAD * *)    
    dbghelp.dll!GenGetProcessInfo(struct _MINIDUMP_STATE *,struct _INTERNAL_PROCESS * *)    
    dbghelp.dll!_MiniDumpProvideDump@40()  
    dbghelp.dll!_MiniDumpWriteDump@28()    
    idaq.exe!000de31a() 
    [invalid frames, idaq.exe symbols not loaded]  
    [external code] 
    idaq.exe!002618fc() 
    [external code] 
>   patchdiff2.plw!clist_insert_dsig(c_list * cl, dc_sig * ds)line 137  C++
    patchdiff2.plw!clist_remove(c_list * cl, dc_sig * ds)line 223   C++
    patchdiff2.plw!clist_update_crefs(c_list * cl, dc_sig * ds, int type)line 505   C++
    patchdiff2.plw!clist_update_and_remove(c_list * cl, dc_sig * ds)line 521    C++
    patchdiff2.plw!diff_run(dengine * eng, c_list * cl1, c_list * cl2, int min_type, int max_type, bool pclass)line 565 C++
    patchdiff2.plw!diff_run(dengine * eng, c_list * cl1, c_list * cl2, int min_type, int max_type, bool pclass)line 575 C++

......

This is the last patchdiff2 frame, in clist.cpp:

```cpp
// Inserts ds into the sorted matched-signature list cl->msigs,
// ordered by sig_compare; returns -1 if an equal signature with
// the same startEA is already present.
static int clist_insert_dsig(clist_t * cl, dpsig_t * ds)
{
    dpsig_t * prev, * cur;
    int ret;

    ds->prev = NULL;
    ds->next = NULL;
    ds->removed = true;

    prev = NULL;
    cur = cl->msigs;
    while (cur)
    {
        // sig_compare is reversed
        ret = sig_compare(&ds->sig, &cur->sig);   // <<<<<<<<< crash here
        if (!ret && cur->sig->startEA == ds->sig->startEA)
            return -1;

        if (ret <= 0)
            break;

        prev = cur;
        cur = cur->next;
    }

    // link ds in between prev and cur
    ds->prev = prev;
    ds->next = cur;

    if (!prev)
        cl->msigs = ds;
    else
        prev->next = ds;

    if (cur) cur->prev = ds;

    cl->nmatch++;

    return 0;
}
```

with locals:

+       cl  0x34f04060 {num=155 pos=0x34f69c20 {sig=0x2f944510 {name=0x039629f0 "CDoc::CutCopyMove(CMarkupPointer *,CMarkupPointer *,CMarkupPointer *,int,ulong)" ...} ...} ...}    c_list *
+       ds  0x34f692b8 {sig=0x2fac87e8 {name=0x2dd739b0 "CElement::FireElementResizeEvents(void)" startEA=1671056475 ...} ...}  dc_sig *
        ret -858993460  int
+       prev    0x00000000 <NULL>   dc_sig *
+       cur 0x34f69c20 {sig=0x2f944510 {name=0x039629f0 "CDoc::CutCopyMove(CMarkupPointer *,CMarkupPointer *,CMarkupPointer *,int,ulong)" ...} ...} dc_sig *
